Bluetooth security / Christian Gehrmann, Joakim Persson, Ben Smeets.

Format:

Book

Author/Creator:

Gehrmann, Christian.

Contributor:

Persson, Joakim.

Smeets, Ben.

Series:

Artech House computer security series

Language:

English

Subjects (All):

Bluetooth technology--Security measures.

Bluetooth technology.

Security systems.

Physical Description:

xii, 204 pages : illustrations ; 24 cm.

Place of Publication:

Boston : Artech House, [2004]

Summary:

Bluetooth technology is becoming a popular way to furnish short-range wireless interconnectivity as an alternative to existing wire applications or as an enabling technology for new ones With the number of Bluetooth-equipped consumer and industry devices rapidly increasing, it stands on the threshold of global deployment. This first-of-its-kind book, from expert authors actively contributing to the evolution of Bluetooth, provides an overview and detailed description of all the security functions and features of this technology's latest core release. The book shows networking professionals how to design a highly secure Bluetooth system and implement security enhancements it also helps practitioners fully understand the main security risks involved with introducing Bluetooth-based communications in their organizations.

Contents:

1.1 Bluetooth system basics 3

1.1.2 Trade-offs 4

1.1.3 Bluetooth protocol stack 4

1.1.4 Physical layer 6

1.1.5 Baseband 7

1.1.6 Link manager protocol 13

1.1.7 Logical link control and adaptation protocol 15

1.1.8 Host control interface 15

1.1.9 Profiles 17

1.2.1 User scenarios 19

2 Overview of the Bluetooth Security Architecture 27

2.1 Key types 27

2.2 Pairing and user interaction 29

2.3 Authentication 30

2.4 Link privacy 31

2.4.1 Protect the link 32

2.4.2 Encryption algorithm 32

2.4.3 Mode of operation 34

2.4.4 Unicast and broadcast 36

2.5 Communication security policies 37

2.5.1 Security modes 38

2.5.2 Security policy management 42

3 Bluetooth Pairing and Key Management 43

3.1 Pairing in Bluetooth 43

3.2 HCI protocol 44

3.3 LM protocol 45

3.4 Baseband events 46

3.4.1 Initialization key generation 47

3.4.2 Unit key generation 47

3.4.3 Combination key generation 49

3.4.4 Authentication 50

3.4.5 Master key generation 52

3.5 User interaction 53

3.6 Cipher key generation 54

3.6.1 Encryption key K[subscript C] 54

3.6.2 Constraint key K'[subscript C] 55

3.6.3 Payload key K[subscript P] 57

3.7 Key databases 58

3.7.1 Unit keys generation requirements 58

3.7.2 Combination key generation requirements 58

3.7.3 Key databases 60

3.7.4 Semipermanent keys for temporary use 63

4 Algorithms 65

4.1 Crypto algorithm selection 65

4.1.1 Block ciphers 65

4.1.2 Stream ciphers 66

4.2 SAFER+ 67

4.2.1 Authentication algorithm E[subscript 1] 70

4.2.2 Unit key algorithm E[subscript 21] 71

4.2.3 Initial key algorithm E[subscript 22] 72

4.2.4 Encryption key algorithm E[subscript 3] 73

4.3 Encryption engine 73

4.4 Ciphering algorithm E[subscript 0] 74

4.4.1 Initialization 77

4.5 Implementation aspects 79

5 Broadcast Encryption 81

5.2 Preparing for broadcast encryption 82

5.3 Switching to broadcast encryption 83

6 Security Policies and Access Control 87

6.1.1 Trust relations 88

6.1.2 Security levels 88

6.1.3 Flexibility 89

6.1.4 Implementation considerations 89

6.2 Security manager architecture 90

6.2.2 Device trust level 91

6.2.3 Security level for services 92

6.2.4 Connection setup 92

6.2.5 Database contents and registration procedure 95

7 Attacks, Strengths, and Weaknesses 97

7.1 Eavesdropping 97

7.2 Impersonation 105

7.3 Pairing 107

7.4 Improper key storage 109

7.4.1 Disclosure of keys 110

7.4.2 Tampering with keys 111

7.4.3 Denial of service 111

7.5 Unit key 112

7.6 Location tracking 113

7.6.1 Bluetooth device address and location tracking 113

7.6.2 Five different types of location tracking attacks 115

7.7 Implementation flaws 116

Part II Bluetooth Security Enhancements 121

8 Providing Anonymity 123

8.1 Overview of the anonymity mode 123

8.2 Address usage 124

8.2.1 The fixed device address, BD_ADDR_fixed 124

8.2.2 The active device address, BD_ADDR 125

8.2.3 Alias addresses, BD_ADDR_alias 128

8.3 Modes of operation 128

8.4 Inquiry and paging 129

8.4.1 Connectable mode 129

8.4.2 Private connectable mode 130

8.4.3 General connectable mode 131

8.5 Alias authentication 131

8.6 Pairing 133

8.7 Anonymity mode LMP commands 133

8.7.1 Address update, LMP active address 134

8.7.2 Alias address exchange, LMP alias address 134

8.7.3 Fixed address exchange, LMP fixed address 135

8.8 Pairing example 136

9 Key Management Extensions 139

9.1 Improved pairing 140

9.1.1 Requirements on an improved pairing protocol 140

9.1.2 Improved pairing protocol 141

9.1.3 Implementation aspects and complexity 147

9.2 Higher layer key exchange 149

9.2.1 IEEE 802.1x port-based network access control 150

9.2.2 Higher layer key exchange with EAP TLS 152

9.3 Autonomous trust delegation 154

9.3.1 Security group extension method 154

9.3.2 Public key-based key management 160

9.3.3 Group extension method versus public key method 163

10 Security for Bluetooth Applications 167

10.1 Headset 168

10.1.1 Headset security model 168

10.1.2 Pass-key and key management 169

10.2 Network access 173

10.2.1 Common access keys 174

10.2.2 Security architecture 175

10.2.3 Network service subscription 175

10.2.4 Initial connection 177

10.2.5 Subsequent access to NAcPs 179

10.3 SIM access 181

10.3.1 The SIM access profile 181

10.3.2 Securing SIM access 182.

Notes:

Includes bibliographical references and index.

ISBN:

1580535046

OCLC:

55095428